Uber Employees Accused Of Using Company's Tracking Technology To Stalk Celebrities And Exes

Uber employees have been accused of using the company’s vehicle-tracking technology to obtain the whereabouts of celebrities and ex-lovers – and helping others do so to.

Former Uber forensic investigator Ward Spangenberg, who was fired from the company earlier this year, is suing the company for age discrimination as well as “whistle-blower retaliation” after raising concerns over security breaches.

Spangenberg made the allegations in a court-signed declaration which claims the company failed to protect sensitive information on both customers and employees.

“Uber’s lack of security regarding its customer data was resulting in Uber employees being able to track high profile politicians, celebrities, and even personal acquaintances of Uber employees, including ex-boyfriends/girlfriends, and ex-spouses,” Spangenberg wrote in a court declaration, signed in October under penalty of perjury obtained by The Centre for Investigative Reporting.

Spangenberg says he frequently objected to what he believed were “reckless and illegal practices”, he was fired after only 11 months.

“I also reported that Uber’s lack of security, and allowing all employees to access this information (as opposed to a small security team) was resulting in a violation of governmental regulations regarding data protection and consumer privacy rights,” he stated in the declaration.

The Centre for Investigative Reporting adds that another former Uber employee, Michael Sierchio, agreed that Uber had particularly weak privacy protections in place.

“When I was at the company, you could stalk an ex or look up anyone’s ride with the flimsiest of justifications,” he said. “It didn’t require anyone’s approval.”

An Uber spokesperson says the claims are “absolutely untrue” and that there are strict policies and controls around who could access user data.

“We have hundreds of security and privacy experts working around the clock to protect our data,” Uber said in a statement.

“This includes enforcing strict policies and technical controls to limit access to user data to authorized employees solely for purposes of their job responsibilities, and all potential violations are quickly and thoroughly investigated.”